1. Field of the Invention
The present invention relates to storage devices, and, in particular, to prevention of unauthorized access to data stored on the storage device with interlocking plaintext passwords for data encryption keys.
2. Description of the Related Art
Flash memory is a type of non-volatile memory that is electrically erasable and re-programmable. Flash memory is primarily used in memory cards and USB flash drives for general storage and transfer of data between computers and other digital products. Flash memory is a specific type of electrically erasable programmable read-only memory (EEPROM) that is programmed and erased in large blocks. One commonly employed type of flash memory technology is NAND flash memory. NAND flash memory forms the core of the flash memory available today, especially for removable universal serial bus (USB) storage devices known as USB flash drives, as well as most memory cards. NAND flash memory exhibits fast erase and write times, requires small chip area per cell, and has high endurance. However, the I/O interface of NAND flash memory does not provide full address and data bus capability and, thus, generally does not allow random access to memory locations.
There are three basic operations for NAND devices: read, write and erase. The read and write operations are performed on a page-by-page basis. Page sizes are generally 2^N bytes, where N is an integer, with typical page sizes of, for example, 2,048 bytes (2 KB), 4,096 bytes (4 KB), 8,192 bytes (8 KB) or more per page. Pages are typically arranged in blocks, and an erase operation is performed on a block-by-block basis. Typical block sizes are, for example, 64 or 128 pages per block. Pages must be written sequentially, usually from a low address to a high address. Lower addresses cannot be rewritten until the block is erased.
A hard disk is addressed linearly by logical block address (LBA). A hard disk write operation provides new data to be written to a given LBA. Old data is over-written by new data at the same physical LBA. NAND flash memories are accessed analogously to block devices, such as hard disks. NAND devices address memory linearly by page number. However, each page might generally be written only once since a NAND device requires that a block of data be erased before new data is written to the block. Thus, for a NAND device to write new data to a given LBA, the new data is written to an erased page that is a different physical page than the page previously used for that LBA. Therefore, NAND devices require device driver software, or a separate media controller chip with firmware, to maintain a record of mappings of each LBA to the current page number where its data is stored. This record mapping is typically managed by a flash translation layer (FTL) in software/firmware that might generate a logical-to-physical translation table. The flash translation layer corresponds to the media layer of software and/or firmware controlling a hard disk drive (HDD).
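The out-of-place write behaviour described above, as an added illustration that is not part of the patent text: a toy NAND model that enforces sequential programming and block-granular erase, and a minimal flash translation layer that keeps the logical-to-physical table. The page counts, class names and sample data are constructed for the example. It shows why a rewrite of the same LBA leaves the previous copy of the data readable on the raw medium until the block is erased, which is the data-remanence property that motivates encrypting data before it reaches the flash.

```python
"""Toy flash translation layer (FTL) illustrating out-of-place NAND writes.
Constructed example; not the patent's or any vendor's firmware."""
from typing import Dict, List, Optional

PAGES_PER_BLOCK = 4          # constructed, kept small so the walk-through is readable
BLOCK_COUNT = 2
PAGE_COUNT = PAGES_PER_BLOCK * BLOCK_COUNT


class NandFlash:
    """Raw NAND: pages are programmed low-to-high within a block, a programmed
    page cannot be programmed again, and erase works on a whole block."""

    def __init__(self) -> None:
        self.pages: List[Optional[bytes]] = [None] * PAGE_COUNT

    def program(self, page: int, data: bytes) -> None:
        if self.pages[page] is not None:
            raise ValueError(f"page {page} already programmed; erase its block first")
        block_start = (page // PAGES_PER_BLOCK) * PAGES_PER_BLOCK
        # Sequential-write rule: the previous page in the block must already be written.
        if page > block_start and self.pages[page - 1] is None:
            raise ValueError(f"page {page} written out of order")
        self.pages[page] = data

    def read(self, page: int) -> Optional[bytes]:
        return self.pages[page]

    def erase_block(self, block: int) -> None:
        start = block * PAGES_PER_BLOCK
        for p in range(start, start + PAGES_PER_BLOCK):
            self.pages[p] = None


class SimpleFTL:
    """Maps each LBA to the physical page that currently holds its data.
    Every write goes to the next free page; the page previously used for that
    LBA becomes stale but is not erased here (a real FTL reclaims it later
    during garbage collection)."""

    def __init__(self, nand: NandFlash) -> None:
        self.nand = nand
        self.l2p: Dict[int, int] = {}      # logical-to-physical translation table
        self.next_free = 0

    def write(self, lba: int, data: bytes) -> int:
        if self.next_free >= PAGE_COUNT:
            raise RuntimeError("no free page; garbage collection required")
        page = self.next_free
        self.nand.program(page, data)
        self.l2p[lba] = page               # remap the LBA to the new physical page
        self.next_free += 1
        return page

    def read(self, lba: int) -> Optional[bytes]:
        page = self.l2p.get(lba)
        return None if page is None else self.nand.read(page)


def stale_copies(ftl: SimpleFTL) -> List[int]:
    """Physical pages that still hold data but are no longer referenced by any LBA."""
    live = set(ftl.l2p.values())
    return [p for p in range(PAGE_COUNT)
            if ftl.nand.read(p) is not None and p not in live]


def out_of_order_write_rejected() -> bool:
    """Confirms the model enforces low-to-high programming within a block."""
    nand = NandFlash()
    try:
        nand.program(2, b"x")              # page 1 of block 0 is still unwritten
    except ValueError:
        return True
    return False


def demo() -> dict:
    """Rewrite one LBA twice and inspect both the logical and the raw view."""
    nand = NandFlash()
    ftl = SimpleFTL(nand)
    first = ftl.write(7, b"secret v1")     # constructed sample data
    second = ftl.write(7, b"secret v2")    # same LBA lands on a different page
    result = {
        "first_page": first,
        "second_page": second,
        "logical_read": ftl.read(7),       # host sees only the newest version
        "stale_pages": stale_copies(ftl),  # but the old page is still programmed
        "raw_old": nand.read(first),       # and still readable from raw media
    }
    nand.erase_block(0)                    # only a block erase removes the copy
    result["raw_old_after_erase"] = nand.read(first)
    return result


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v!r}")
```

The host-visible read returns only the newest data, yet `stale_copies` reports the earlier page and a raw read of it still yields the old contents. That gap between the logical view and the physical medium is why self-encrypting controllers encrypt before programming the page: the stale copy is then ciphertext, and discarding the key renders every copy, live or stale, unreadable.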
Since a storage device, such as a solid state disk (SSD) or HDD, might be used to store sensitive or private data, a typical media controller chip might employ data encryption to encrypt data on all or part of the storage media. For example, a media controller chip might implement a self-encrypting storage device, such as an SSD or HDD, which locks data, locks the drive, erases data completely, and safely stores security credentials. Such a chip might also optionally be employed in combination with a Trusted Platform Module (TPM) security chip found on many enterprise systems. The media controller might also interact with other security measures, such as smart cards or biometric verification.
The Trusted Computing Group (TCG) is an organization that has published standards for Storage Devices and Storage Interfaces generally, and for Security Subsystem Classes (SSCs) specifically, which define the minimum capabilities of a storage device in a specific “class”. For example, TCG Core Architecture Specification, Version 2.0, (2009) and TCG Storage Interface Interactions Specification, Version 1.0 (2009), define a comprehensive architecture of storage devices and storage device commands, respectively. Further, TCG Storage SSC: Enterprise, Version 1.0, (2009) (hereinafter “TCG Enterprise Specification”), defines security requirements and commands for enterprise storage systems. Similarly, TCG Storage SSC: Opal, Version 1.0, (2009) (hereinafter “TCG Opal Specification”), defines security requirements and commands for consumer storage systems. These documents are referred to herein collectively as “the TCG Specifications”. Devices operating in accordance with the TCG Specifications might employ encryption methodologies such as described in Specification for the Advanced Encryption Standard (AES), Federal Information Processing Standard (FIPS) Publication 197, (2001) and Specification for the Secure Hash Standard (SHS), FIPS Publication 180-3 (2008), both published by the National Institute of Standards and Technology (NIST). In any data encryption scheme, for both enterprise and consumer systems, key storage and management are important security issues, as gaining access to the one or more security keys might allow access to data stored on the storage device.